Biometric authentication system, biometric authentication server, method and program thereof

ABSTRACT

An authentication system in which an authentication server and a plurality of clients are coupled through a network and configured to process an authentication from a user of a client, is configured to determine as a cache target user another user who is different from the user who requested the authentication; is configured to generate an identifier that indicates the cache target user; and is configured to transmit biometric data of the cache target user and the identifier to the client from which the authentication of the user was requested. A cache availability determiner can determine whether biometric data of any cache target user are available on a client.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is based upon and claims the benefit of priority of the prior Japanese Patent Application No. 2010-214695, filed on Sep. 27, 2010, the entire contents of which are incorporated herein by reference.

FIELD

The embodiments discussed herein are related to a biometric authentication system to perform a biometric authentication.

BACKGROUND

In order to address concentration of accesses by clients in a client-server system, a cluster method is proposed in which a plurality of servers mutually collaborate to share the load. Compared with personal authentication systems that use a password and/or a Personal Identification Number (PIN), biometric authentication systems that perform biometric authentications generally have a large authentication processing load. Accordingly, the biometric authentication system may share the load by the cluster method according to the size (number) of clients.

Although clustering of servers achieves a certain effect in sharing the load, expected performance may not be achieved depending on how heavily authentication requests are concentrated at a specific time. Accordingly, a technique is proposed in which authentication data is registered in a cache memory of a client and so on and verification is performed by using the authentication data registered in the cache memory, thereby reducing, if not preventing, an excessive load on servers or the network. Moreover, the following technique is proposed. According to the technique, a certain piece of authentication data is stored in a database (DB) of a device that is different from a server that retains all of the authentication data, and verification is performed using the certain piece of authentication data. As a result, authentication requests that are assumed to fail on the server are reduced and an excessive load on the server may be reduced, if not prevented (for example, Japanese Laid-open Patent Publication No. 2003-44442, Japanese Laid-open Patent Publication No. 2001-256191 and Japanese Laid-open Patent Publication No. 2005-142848).

SUMMARY

In accordance with an aspect of the embodiments, an authentication system in which an authentication server and a plurality of clients are coupled through a network and configured to process an authentication request from a user of a client, is configured to determine as a cache target user another user who is different from the user who requested the authentication; is configured to generate an identifier that indicates the cache target user; and is configured to transmit biometric data of the cache target user and the identifier to the client from which the authentication of the user was requested. A cache availability determiner can determine whether biometric data of any cache target user are available on a client.

The object and advantages of the invention will be realized and attained by at least the features, elements and combinations particularly pointed out in the claims. It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are not restrictive of the invention, as claimed.

BRIEF DESCRIPTION OF DRAWINGS

These and/or other aspects and advantages will become apparent and more readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings, of which:

FIG. 1 is a block diagram illustrating an apparatus configuration of a biometric authentication system;

FIG. 2 is a schematic diagram illustrating an example of an authentication method according to a first embodiment;

FIG. 3 is a flowchart of authentication processing that includes cache processing of cache data;

FIG. 4 is a flowchart of authentication processing that uses cache data;

FIG. 5 is a schematic diagram illustrating an example of an authentication method according to a second embodiment;

FIG. 6 is a schematic diagram illustrating an example of an authentication method according to a third embodiment;

FIG. 7A illustrates an example of a relationship between a user name and a group to which the user belongs;

FIG. 7B illustrates an example of a cache available group;

FIG. 7C illustrates an example of a relationship between an administrative group and a dependent group;

FIG. 8 illustrates an example of cache availability attribute information;

FIG. 9 illustrates an example of client information to which priority is assigned;

FIG. 10 is a schematic diagram illustrating an example of an authentication method according to a fourth embodiment;

FIG. 11A illustrates an example of network group information;

FIG. 11B illustrates an example of an authentication log; and

FIG. 11C illustrates an authentication rate for each user.

DESCRIPTION OF EMBODIMENTS

As described above, if biometric data of a user is almost always cached to a specific client, integrity of authentication data may not be ensured depending on power status of the client. Furthermore, if authentication data is cached to another specific device that is different from a server retaining all authentication data, the load to the specific device is greatly increased. Moreover, there is a drawback in which the load to the server is not shared.

Hereinafter, one embodiment of the present disclosure to address the above issues will be described by referring to accompanying drawings.

(Biometric authentication system) An example of an apparatus configuration of a biometric authentication system 100 according to each embodiment will be described by referring to FIG. 1. FIG. 1 is a block diagram illustrating an apparatus configuration of the biometric authentication system 100.

As illustrated in FIG. 1, the biometric authentication system 100 includes a client 10a, a client 10b, and a biometric authentication server 50.

Configurations of the client 10a and the client 10b will be described.

The client 10a includes a sensor control unit 12a, a biometric information acquisition processing unit 13a, a cache control processing unit 14a, a cache data storage unit 15a, a communication control unit 16a, and a verification processing unit 17a. A biometric information input unit 11a and an authentication result notification unit 18a are coupled to the client 10a.

The client 10b includes a sensor control unit 12b, a biometric information acquisition processing unit 13b, a cache control processing unit 14b, a cache data storage unit 15b, a communication control unit 16b, and a verification processing unit 17b. Hereinafter, when the client 10a and the client 10b are not distinguished, the client 10a and the client 10b are described as “client 10” and the components are indicated without the letter suffix.

The biometric information input unit 11 inputs biometric information and a user ID. The biometric information input unit 11 includes a sensor, for example, an image sensor, and an input device such as a keyboard and a card reader. A user inputs biometric information through the sensor and inputs the user ID through the input device when the user requests his or her authentication. The biometric information is, for example, a fingerprint or a palm vein.

The sensor control unit 12, the biometric information acquisition processing unit 13, the cache control processing unit 14, the communication control unit 16, and the verification processing unit 17 are achieved, for example, by execution of a program by a Central Processing Unit (CPU). Furthermore, the cache data storage unit 15 is achieved, for example, by a storage device such as a hard disk.

The sensor control unit 12 takes biometric information and a user ID that are input to the biometric information input unit 11 into the client 10. The biometric information acquisition processing unit 13 acquires biometric data for verification that complies with an authentication method of the biometric authentication system 100 from the biometric information. The communication control unit 16 controls transmission and reception of data between the biometric authentication server 50 and other clients. The cache control processing unit 14 performs processing of data stored in the cache data storage unit 15. The verification processing unit 17 performs processing relating to verification of biometric data.

The biometric authentication result notification unit 18 is, for example, a display, and notifies a user of a result of verification conducted by the verification processing unit 17.

A configuration of the biometric authentication server 50 will be described.

The biometric authentication server 50 includes a biometric data verification processing unit 51, an operation monitoring processing unit 52, a group control processing unit 53, a server cache control processing unit 54, a communication control unit 55, a registered data input and output unit 56, a registered data storage unit 57, and a log data storage unit 58.

The biometric data verification processing unit 51, the operation monitoring processing unit 52, the group control processing unit 53, the server cache control processing unit 54, and the communication control unit 55 are achieved, for example, by execution of a program by a CPU. The registered data storage unit 57 and the log data storage unit 58 are achieved, for example, by a storage device such as a hard disk.

The communication control unit 55 controls transmission and reception of data with the client 10a and the client 10b. The registered data storage unit 57 stores a plurality of pieces of biometric data. The registered data input and output unit 56 inputs and outputs biometric data stored in the registered data storage unit 57. The biometric data verification processing unit 51 checks the biometric data for verification that is received through the communication control unit 55 against biometric data stored in the registered data storage unit 57. The operation monitoring processing unit 52 monitors operations of the biometric authentication system 100. The group control processing unit 53 performs, for example, processing to generate a group to which a user who requests an authentication belongs. The server cache control processing unit 54 processes data stored in the registered data storage unit 57.

When a user requests an authentication through the client 10 in the above-described biometric authentication system 100, the biometric authentication method according to each embodiment described below will be executed. Hereinafter, each embodiment will be described.

First Embodiment

An authentication method according to the first embodiment will be described. According to the first embodiment, a biometric authentication server 50 makes a client 10 cache biometric data of another user who is different from a user who requests an authentication. Hereinafter, specific descriptions will be made by referring to FIG. 2.

FIG. 2 is a schematic diagram illustrating an example of an authentication method according to the first embodiment in a biometric authentication system 100. In the example of FIG. 2, a user A requests an authentication from the client 10a and a user B requests an authentication from the client 10b. The authentication method for the user A and that for the user B will be described below.

The authentication method for the user A is described. Here, it is assumed that biometric data of the user A is not cached to any of the client 10a and the client 10b.

The user A inputs biometric information and a user ID to the client 10a. For example, the user A inputs the biometric information and the user ID from the biometric information input unit 11a (the arrow A1). The sensor control unit 12a takes the input biometric information and the user ID into the client 10a. Hereinafter, the input user ID of the user A is referred to as the “user IDA.” When the biometric information of the user A and the user IDA are input to the client 10a, the biometric information acquisition processing unit 13a acquires biometric data for verification that complies with the authentication method of the biometric authentication system 100 from the biometric information. Hereinafter, the biometric data for verification acquired from the biometric information of the user A is referred to as the “biometric data for verification CDA.” The biometric information acquisition processing unit 13a transmits the user IDA and the biometric data for verification CDA to the verification processing unit 17a (the arrow A2).

The verification processing unit 17a confirms with the biometric authentication server 50 whether the biometric data of the user A is cached to any client. For example, the verification processing unit 17a transmits a confirmation request that includes the user IDA to the biometric authentication server 50 (the arrow A3).

When the biometric data is cached to any of the clients, information such as a client address of the cache destination (hereinafter, referred to as a “cache destination address”) is stored in the registered data storage unit 57 of the biometric authentication server 50, which will be described in detail later. Therefore, when the server cache control processing unit 54 receives the confirmation request, the server cache control processing unit 54 searches the registered data storage unit 57 through the registered data input and output unit 56 based on the user IDA and confirms whether any of the clients caches the biometric data of the user A. When the server cache control processing unit 54 completes the confirmation, the server cache control processing unit 54 transmits the confirmation result to the client 10a (the arrow A4). Here, the biometric data of the user A is not stored in any of the client 10a or the client 10b. Hence, the server cache control processing unit 54 transmits the confirmation result to the client 10a that indicates the biometric data of the user A is not cached to any of the clients.

When the verification processing unit 17a of the client 10a receives the confirmation result that indicates the biometric data of the user A is not cached to any of the clients, the verification processing unit 17a transmits an authentication request to the biometric authentication server 50. For example, the verification processing unit 17a transmits an authentication request that includes the user IDA and the biometric data for verification CDA to the biometric authentication server 50 (the arrow A5).

The biometric data verification processing unit 51 of the biometric authentication server 50 acquires biometric data DDA of the user A from the registered data storage unit 57 based on the user IDA through the registered data input and output unit 56. The biometric data verification processing unit 51 performs authentication processing by checking the biometric data for verification CDA against the biometric data DDA of the user A. The biometric data verification processing unit 51 transmits the authentication result to the client 10a (the arrow A6). The biometric data verification processing unit 51 transmits the user IDA to the server cache control processing unit 54 if the authentication succeeds (the arrow A7).

When the server cache control processing unit 54 receives the user IDA, the server cache control processing unit 54 determines biometric data to be cached to the client 10a. As a method to determine biometric data to be cached, the server cache control processing unit 54 determines a user different from the user of the client that transmits the authentication request as a cache target user and biometric data of the cache target user is assumed to be a cache target. Here, the server cache control processing unit 54 determines a user B different from the user A of the client 10a as a cache target user and biometric data of the user B is assumed to be a cache target. The server cache control processing unit 54 acquires cache target biometric data, in this case, biometric data DDB of the user B from the registered data storage unit 57. Thus, the server cache control processing unit 54 functions as a cache target user determination unit.

The server cache control processing unit 54 generates a pair of keys that performs encryption and decryption, in other words, an encryption key EK and a decryption key DK. The server cache control processing unit 54 encrypts the biometric data DDB of the user B by using the encryption key EK. Hereinafter, encrypted biometric data is referred to as “encrypted biometric data.” Moreover, the server cache control processing unit 54 generates a temporary ID that is an identifier indicating the encrypted biometric data is for the user B. The temporary ID is generated as an ID from which the user may not be identified on a client. In other words, even if the user A sees the temporary ID, the user A may not identify whose biometric data corresponds to the temporary ID (refer to FIG. 9). In other words, the server cache control processing unit 54 generates the temporary ID that is obtained by encrypting the identifier from which the user B may be identified, in addition to generating the encrypted biometric data EDB that is obtained by encrypting the biometric data DDB of the user B. Accordingly, the server cache control processing unit 54 functions as an identifier generation unit and an encryption unit. Here, the server cache control processing unit 54 generates a key and a temporary ID whenever the server cache control processing unit 54 acquires biometric data from the registered data storage unit 57. In other words, whenever biometric data is acquired from the registered data storage unit 57, even when the same biometric data is acquired, the biometric data is encrypted by using different keys.

The server cache control processing unit 54 transmits the encrypted biometric data EDB of the user B, the temporary ID, and the encryption key EK to the client 10a (the arrow A8). Hereinafter, the encrypted biometric data EDB, the temporary ID, and the encryption key EK are collectively referred to as “cache data CHDB.” At this time, the server cache control processing unit 54 makes the registered data storage unit 57 store a cache destination address AD (here, an address of the client 10a), the temporary ID, and a decryption key DK of the biometric data of the user B.

The cache control processing unit 14a of the client 10a makes the cache data storage unit 15a cache the received cache data CHDB of the user B. Furthermore, the verification processing unit 17a transmits an authentication result of the user A received from the biometric data verification processing unit 51 of the biometric authentication server 50 to the authentication result notification unit 18a (the arrow A9). Accordingly, the authentication result is provided to the user A.

The authentication method of the user B will be described.

The user B inputs the biometric information and the user ID to the client 10b. For example, the user B inputs the biometric information and the user ID from the biometric information input unit 11b (the arrow B1). The sensor control unit 12b takes the input biometric information and the user ID into the client 10b. Hereinafter, the input user ID of the user B is referred to as the “user IDB.” When the biometric information of the user B and the user IDB are input to the client 10b, the biometric information acquisition processing unit 13b acquires biometric data for verification that complies with the authentication method of the biometric authentication system 100 from the biometric information. Hereinafter, the biometric data for verification acquired from the biometric information of the user B is referred to as the “biometric data for verification CDB.” The biometric information acquisition processing unit 13b inputs the user IDB and the biometric data for verification CDB to the verification processing unit 17b (the arrow B2).

The verification processing unit 17b confirms with the biometric authentication server 50 whether the biometric data of the user B is cached to any of the clients. For example, the verification processing unit 17b transmits a confirmation request that includes the user IDB to the biometric authentication server 50 (the arrow B3).

When the server cache control processing unit 54 of the biometric authentication server 50 receives the confirmation request from the client 10b, the server cache control processing unit 54 searches the registered data storage unit 57 through the registered data input and output unit 56 based on the user IDB and confirms whether any of the clients caches the biometric data of the user B. Here, as described above, the registered data storage unit 57 stores a cache destination address AD (here, an address of the client 10a) of the encrypted data of the user B, a temporary ID and a decryption key DK for the encrypted data. Accordingly, the server cache control processing unit 54 transmits the cache destination address AD, the temporary ID, and the decryption key DK to the client 10b as the confirmation result (the arrow B4).

When the verification processing unit 17b of the client 10b recognizes that the biometric data of the user B is cached to the client 10a based on the received cache destination address AD, the verification processing unit 17b transmits an authentication request to the client 10a. For example, the verification processing unit 17b transmits an authentication request that includes the biometric data for verification CDB, the temporary ID, and the decryption key DK to the client 10a (the arrow B5).

The verification processing unit 17a of the client 10a receives the biometric data for verification CDB, the temporary ID, and the decryption key DK. The verification processing unit 17a transmits the temporary ID and the decryption key DK to the cache control processing unit 14a. The cache control processing unit 14a acquires the cache data CHDB of the user B from the cache data storage unit 15a by using the temporary ID. The cache control processing unit 14a decrypts the encrypted biometric data EDB in the cache data CHDB of the user B by using the decryption key DK. The cache control processing unit 14a transmits the decrypted biometric data DDB of the user B to the verification processing unit 17a (the arrow B6). The verification processing unit 17a performs authentication processing by checking the biometric data for verification CDB against the biometric data DDB of the user B. The verification processing unit 17a transmits the temporary ID and the authentication result to the biometric authentication server 50 (the arrow B8). The server cache control processing unit 54 of the biometric authentication server 50 records the authentication result in the log data storage unit 58 as a log. Moreover, the verification processing unit 17a transmits the authentication result to the client 10b (the arrow B7).

The verification processing unit 17b of the client 10b transmits the authentication result of the user B to the authentication result notification unit 18b (the arrow B9). Accordingly, the authentication result is provided to the user B.

As described above, the biometric authentication system 100 performs an authentication for the user B by treating the client 10a, which is the cache destination client, as a server. The method may reduce an authentication load on the biometric authentication server 50. Furthermore, the client 10b does not need to transmit the biometric data for verification CDB to the biometric authentication server 50 as long as the cache data of the user B is cached to the client 10a. Accordingly, a communication load between the client 10b and the biometric authentication server 50 may be reduced without adding any device.

Particularly, the biometric authentication system 100 caches biometric data of the user B, who is different from the user A who requests an authentication, to the client 10a. As a result, the choice of biometric data to be cached may be increased compared with when biometric data of a user who requests an authentication is almost always cached to the client of the user. In other words, as the number of authentication requests to the biometric authentication server 50 increases, cache data of more users may be cached to a greater number of the clients. Accordingly, a load on the biometric server or on the specific client may be effectively reduced, if not prevented.

Here, the biometric data of the user B is stored in the client 10a after applying encryption and the temporary ID of the biometric data is set so that the user B may not be identified on the client 10a. Accordingly, the biometric data that is cached to the client 10a may be in a state that may not be identified as the biometric data of the user B.

After completing the authentication processing of the user B, the verification processing unit 17a of the client 10a transmits the authentication result of the user B to the client 10b and transmits the authentication result of the user B and the temporary ID to the biometric authentication server 50 as well. Thus, the verification processing unit 17a functions as an authentication result notification unit. The server cache control processing unit 54 of the biometric authentication server 50 stores the authentication result in the log data storage unit 58 as a log. At this time, the server cache control processing unit 54 converts the temporary ID into a user identifier by which the system administrator may identify the user, for example, the user name, and stores the user identifier by associating it with the authentication result. For example, the server cache control processing unit 54 may have relationship information such as a map that indicates a relationship between a temporary ID and a user identifier, and the server cache control processing unit 54 converts the temporary ID into the user identifier by using the relationship information. Accordingly, the cache destination client may notify the biometric authentication server of the authentication result by using the temporary ID. As a result, anonymity may be maintained at the cache destination client. Meanwhile, in the biometric authentication server, the system administrator may check the authentication result that is associated with a user identifier by which the system administrator may identify the user.

The above-described authentication method according to the first embodiment will be described by referring to the flowcharts in FIGS. 3 and 4. FIG. 3 is a flowchart of authentication processing of the user A that includes cache processing of cache data. FIG. 4 is a flowchart of authentication processing of the user B that uses cache data. In FIGS. 3 and 4, the solid lines indicate a processing flow, while the broken lines indicate a communication flow.

Authentication processing of the user A that includes cache processing of the cache data will be described by referring to FIG. 3. In the flowchart of FIG. 3, the authentication processing of the user A is performed and the biometric data of the user B is cached to the client 10a. The details will be described below.

At Operation S201, the user A inputs the biometric information and the user IDA to the client 10a. The client 10a acquires biometric data for verification CDA from the biometric information. At Operation S202, the client 10a transmits a confirmation request that includes the user IDA to the biometric authentication server 50 in order to confirm whether cache data of the user A is cached to any of the clients.

At Operation S203, the biometric authentication server 50 receives the confirmation request that includes the user IDA from the client 10a. The biometric authentication server 50 searches the registered data storage unit 57 based on the user IDA and confirms whether the cache data of the user A is cached to any of the clients. At Operation S204, the biometric authentication server 50 also transmits the confirmation result to the client 10a. Here, the cache data of the user A is not cached to any of the clients. Therefore, the biometric authentication server 50 transmits the confirmation result indicating that the cache data of the user A is not cached to any of the clients to the client 10a.

At Operation S205, when the client 10a receives the confirmation result indicating the cache data of the user A is not cached to any of the clients, the client 10a requests an authentication from the biometric authentication server 50 by transmitting the user IDA and biometric data for verification CDA.

At Operation S206, when the biometric authentication server 50 receives the user IDA and biometric data for verification CDA from the client 10, the biometric authentication server 50 acquires biometric data DDA of the user A from the registered data storage unit 57 based on the user IDA. The biometric authentication server 50 performs authentication processing by checking the biometric data for verification CDA against the biometric data DDA of the user A. At Operation S207, the biometric authentication server 50 determines whether the authentication succeeds. If the authentication succeeds (operation S207: Yes), the processing proceeds to Operation S208. If the authentication fails (operation S207: No), the processing proceeds to Operation S211.

At Operation S208, the biometric authentication server 50 selects a cache target to be cached to the client 10a based on the user IDA. For example, the biometric authentication server 50 selects a user who is different from the user A as a cache target user. Here, the user B is selected as a cache target user. The biometric authentication server 50 acquires biometric data DDB of the user B from the registered data storage unit 57. The biometric authentication server 50 proceeds to processing of operation S209. At operation S209, the biometric authentication server 50 generates a temporary ID that is an identifier indicating the user B together with an encryption key EK and a decryption key DK. At operation S210, the biometric authentication server 50 encrypts the biometric data DDB of the user B by using the encryption key EK. The biometric authentication server 50 proceeds to processing of operation S211.

At operation S211, the biometric authentication server 50 transmits the authentication result at operation S207 to the client 10a. If the authentication of the user A succeeds, the biometric authentication server 50 transmits cache data that includes the biometric data of the cache target user and the temporary ID to the client 10a. Here, the biometric authentication server 50 transmits the encrypted biometric data DDB of the user B, in other words, cache data CHDB that includes the encrypted biometric data EDB and the temporary ID to the client 10a. After that, the biometric authentication server 50 ends the authentication processing.

At operation S212, when the client 10 a receives the authenticationresult, the client 10 a determines whether the authentication succeedsor fails. When the client 10 a determines the authentication fails(operation S212: No), the client 10 a transmits an authenticationfailure notification to the authentication result notification unit 18 a(operation S213), thereby notifying the authentication result to theuser A and the client 10 a ends the processing. Meanwhile, when theclient 10 a determines the authentication succeeds (operation S212:Yes), the client 10 a proceeds to operation S214. At operation S214, theclient 10 a caches the cache data CHDB to the cache data storage unit 15a. At operation S215, the client 10 a transmits an authenticationsuccess notification to the authentication result notification unit 18a, thereby notifying the authentication result to the user A and theclient 10 a ends the processing.

According to the above-described authentication processing in FIG. 3, authentication processing of the user A is performed and the biometric data of the user B who is different from the user A is cached to the client 10 a.

Authentication processing of the user B using cache data will be described by referring to FIG. 4. In the flowchart of FIG. 4, authentication processing of the user B is performed by using the data cached to the client 10 a. Hereinafter, the specific descriptions will be made.

At operation S301, the user B inputs biometric information and a user IDB to the client 10 b. The client 10 b acquires biometric data for verification CDB from the biometric information. At operation S302, the client 10 b transmits a confirmation request that includes the user IDB to the biometric authentication server 50 in order to confirm whether the cache data of the user B is cached to any of the clients.

At operation S303, the biometric authentication server 50 receives the confirmation request that includes the user IDB from the client 10 b. The biometric authentication server 50 searches the registered data storage unit 57 based on the user IDB and confirms whether the cache data of the user B is cached to any of the clients. At operation S304, the biometric authentication server 50 transmits the confirmation result to the client 10 b. Here, the biometric authentication server 50 transmits a cache destination address AD, a temporary ID, and a decryption key DK to the client 10 b because the cache data of the user B is cached to the client 10 a.

At operation S305, when the client 10 b receives the cache destination address AD, the temporary ID and the decryption key DK, the client 10 b recognizes that the biometric data of the user B is cached to the client 10 a based on the cache destination address AD. The client 10 b transmits an authentication request that includes biometric data for verification CDB, the temporary ID, and the decryption key DK to the client 10 a.

At operation S306, the client 10 a acquires cached data CHDB corresponding to the temporary ID from the cache data storage unit 15 a and decrypts the biometric data DDB of the user B by using the decryption key DK. At operation S307, the client 10 a performs authentication processing by checking the biometric data for verification CDB against the biometric data DDB of the user B. At operation S308, the client 10 a transmits the authentication result and the temporary ID to the biometric authentication server 50 as the authentication result. At operation S309, the client 10 a transmits the authentication result to the client 10 b. The client 10 a ends the authentication processing.

At operation S310, the biometric authentication server 50 records the authentication result and the temporary ID that are received from the client 10 a as an authentication log. The biometric authentication server 50 ends the processing.

At operation S311, the client 10 b transmits an authentication success notification to the authentication result notification unit 18 b, thereby providing the authentication result to the user B, and the client 10 b ends the processing.

According to the above-described authentication processing of FIG. 4, the client 10 a performs authentication processing of the user B.

As described above, in the authentication method according to the first embodiment, another user who is different from a user who requests an authentication is determined as a cache target user and the authentication method makes a client of the user who requests the authentication cache biometric data of the cache target user. As a result, the choice of biometric data to be cached may be increased and, as the number of authentication requests to the biometric authentication server increases, cache data of many users may be cached to many clients. Accordingly, a load to the biometric server or that to the specific client may be effectively reduced.

Second Embodiment

An authentication method according to the second embodiment will be described. The authentication method according to the second embodiment mainly selects biometric data of another user in a group to which a user belongs as a cache target. The description will be made by referring to FIG. 5.

FIG. 5 is a schematic diagram illustrating an example of an authentication method of a biometric authentication system 100 according to the second embodiment. In the example of FIG. 5, a user A requests an authentication from a client 10 a and a user B requests an authentication from a client 10 b as in the example of FIG. 5. Hereinafter, an authentication method of the user A and that of the user B will be described.

The authentication method of the user A will be described. Here, it is assumed that biometric data of the user A is not cached to any of the clients 10 a and 10 b.

As in the authentication method according to the first embodiment, the user A inputs biometric information and a user IDA to the client 10 a (the arrow A1). A biometric information acquisition processing unit 13 a acquires biometric data for verification CDA from the biometric information and transmits the user IDA and the biometric data for verification CDA to a verification processing unit 17 a (the arrow A2).

The verification processing unit 17 a requests a confirmation by transmitting the user IDA to the biometric authentication server 50 (the arrow A3). A server cache control processing unit 54 of the biometric authentication server 50 confirms whether biometric data of the user A is cached to any of the clients based on the user IDA, and transmits a confirmation result indicating the biometric data of the user A is not cached to any of the clients to the client 10 a (the arrow A4).

When the verification processing unit 17 a of the client 10 a receives the confirmation result indicating the biometric data of the user A is not cached to any of the clients, the verification processing unit 17 a requests an authentication by transmitting the user IDA and the biometric data for verification CDA to the biometric authentication server 50 (the arrow A5).

A biometric data verification processing unit 51 of the biometric authentication server 50 acquires biometric data DDA of the user A from the registered data storage unit 57 based on the user IDA. The biometric authentication server 50 performs an authentication by checking the biometric data for verification CDA against the biometric data DDA of the user A. If the authentication succeeds, the biometric data verification processing unit 51 transmits the authentication result to the client 10 a (the arrow A6) and transmits the user IDA to the server cache control processing unit 54 (the arrow A7). The server cache control processing unit 54 selects cache target biometric data to be cached to the client 10 a based on the user IDA.

The authentication method according to the second embodiment selects another user who belongs to a certain group as a cache target. Thus, the server cache control processing unit 54 functions as a group identification unit. The group is obtained by dividing users who access the biometric authentication server 50 into certain sets. Hereinafter, the group is referred to as a “cache target group.” Here, the cache target group is set by a system administrator etc. according, for example, to known information such as an office organization and operation time. A group is set, for example, for users who could operate at substantially the same time based on operation time of each user. As a result, cache target users may be limited and biometric data of users who are known to have high usage frequencies may be preferentially cached to a client by grouping the users. Accordingly, a load of authentication processing may be efficiently shared according to the operation environment. Here, the server cache control processing unit 54 selects another user who belongs to a cache target group to which the user A belongs as a cache target.

Moreover, the server cache control processing unit 54 can preferentially select a non-access user among users who belong to the cache target group to which the user A belongs. For example, the biometric data verification processing unit 51 manages the time and date of the last authentication of each user, and an authentication request from the user A triggers the biometric data verification processing unit 51 to transmit information of another user for whom a certain time has elapsed from the last authentication time and date of the other user to the server cache control processing unit 54 as non-access information (the arrow A7). Here, the certain time is set by the system administrator, and is set, for example, to five hours. Hence, the biometric data verification processing unit 51 functions as a last authentication time and date management unit. The server cache control processing unit 54 can preferentially select a non-access user among users who belong to the cache target group to which the user A belongs based on the non-access information. A non-access user may be appropriately determined, even when operation time of the system is irregular hours, by using whether the certain time has elapsed from the last authentication time and date as a reference to determine the non-access. As a result, a load of authentication processing may be shared according to the operation environment.

In the authentication method according to the second embodiment, it is assumed that a user B is selected as a cache target by the above-described method.

The server cache control processing unit 54 acquires biometric data DDB of the user B from the registered data storage unit 57 and encrypts the biometric data DDB of the user B by using an encryption key EK and generates a temporary ID. The server cache control processing unit 54 transmits the encrypted biometric data EDB of the user B, the temporary ID, and the encryption key EK to the client 10 a (the arrow A8). Moreover, the server cache control processing unit 54 makes the registered data storage unit 57 store a cache destination address AD of the biometric data DDB of the user B (here, an address of the client 10 a), the temporary ID, and the decryption key DK. A cache control processing unit 14 a of the client 10 a makes a cache data storage unit 15 a cache the cache data CHDB of the user B. The verification processing unit 17 a of the client 10 a transmits an authentication result of the user A that is received from the biometric data verification processing unit 51 to the authentication result notification unit 18 a (the arrow A9). Accordingly, the authentication result is provided to the user A.

In the authentication method according to the second embodiment, the biometric data verification processing unit 51 transmits the cache data CHDB of the user B by including information that indicates a usage limit. The usage limit indicates, for example, a time period during which the cache data CHDB may be used. The cache control processing unit 14 a manages time when the cache data CHDB is cached to the cache data storage unit 15 a (hereinafter, referred to as “cache time”). The cache control processing unit 14 a discards the cache data CHDB when the usage time elapses from the cache time, and transmits a notification that the cache data CHDB is discarded to the biometric authentication server 50 together with the temporary ID (the arrow P1). Accordingly, the cache control processing unit 14 a functions as a cache usage time management unit. When the biometric authentication server 50 receives the discard notification, the biometric authentication server 50 updates a cache destination address of a user corresponding to the temporary ID to a “null”. As described above, setting a retention period of cache data in a client may enhance security because the cache data does not remain to be retained.

The authentication method of the user B will be described.

As described in the authentication method according to the first embodiment, the user B inputs biometric information and the user IDB to the client 10 b (the arrow B1). A biometric information acquisition processing unit 13 b acquires the biometric data for verification CDB from the biometric information and inputs the user IDB and the biometric data for verification CDB to the verification processing unit 17 b (the arrow B2).

The verification processing unit 17 b transmits the user IDB to the biometric authentication server 50 and requests a confirmation (the arrow B3). The server cache control processing unit 54 of the biometric authentication server 50 searches data in the registered data storage unit 57 based on the user IDB. The server cache control processing unit 54 transmits the cache destination address AD, the temporary ID, and the decryption key DK to the client 10 b when the biometric data of the user B is cached to the client 10 a (the arrow B4).

The verification processing unit 17 b of the client 10 b transmits the biometric data for verification CDB, the temporary ID, and the decryption key DK to the client 10 a based on the confirmation result to request an authentication (the arrow B5).

The verification processing unit 17 a of the client 10 a transmits the temporary ID and the decryption key DK to the cache control processing unit 14 a. The cache control processing unit 14 a acquires cache data of the user B from the cache data storage unit 15 a by using the temporary ID. The cache control processing unit 14 a decrypts the encrypted biometric data EDB in the cache data of the user B by using the decryption key DK. The cache control processing unit 14 a transmits the decrypted biometric data DDB of the user B to the verification processing unit 17 a (the arrow B6). The verification processing unit 17 a performs an authentication by checking the biometric data for verification CDB against the biometric data DDB of the user B. The verification processing unit 17 a transmits the authentication result to the client 10 b (the arrow B7). The verification processing unit 17 a transmits the temporary ID and the authentication result to the biometric authentication server 50 (the arrow B8). The server cache control processing unit 54 of the biometric authentication server 50 stores the authentication result in the log data storage unit 58 as a log. Moreover, the verification processing unit 17 b of the client 10 b transmits the authentication result of the user B to the authentication result notification unit 18 b (the arrow B9). Accordingly, the authentication result is provided to the user B.

In the authentication method according to the above-described second embodiment, information that indicates the usage limit included in the cache data CHDB of the user B is the usage time of the cache data CHDB; however, the embodiment is not limited to this. Instead, information that indicates the usage limit may be the number of times that the cache data CHDB may be used. In this case, the cache control processing unit 14 a counts the number of times the cache data CHDB is used and discards the cache data CHDB when the number of times the cache data is used exceeds the number of available times. The cache control processing unit 14 a transmits a discard notification indicating the cache data CHDB is discarded to the biometric authentication server 50 together with the temporary ID. Hence, the cache control processing unit 14 a functions as a unit to manage the number of times the cache is used. The biometric authentication server 50 updates a cache destination address corresponding to the temporary ID to a “null”. Security may be enhanced because the cache data is not kept retained as described above.
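The sketch below is an added example, not code from the patent. It models the second embodiment's bookkeeping: picking a cache target from the requester's cache target group with non-access users first, and enforcing either usage limit on the client with a discard notification that nulls the server's cache destination address. Class and method names, the random temporary ID format, and the tie-breaking among non-access users are assumptions; encryption of the biometric data is left out.

```python
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

NON_ACCESS_AFTER = timedelta(hours=5)  # the page's example value for the "certain time"


@dataclass
class CacheEntry:
    temporary_id: str
    encrypted_data: bytes                   # EDB, opaque here (encryption is out of scope)
    cached_at: datetime                     # the "cache time"
    usage_time: Optional[timedelta] = None  # time-based usage limit
    max_uses: Optional[int] = None          # count-based usage limit
    uses: int = 0


class Server:
    def __init__(self, groups, last_auth):
        self.groups = groups        # cache target group -> set of user IDs
        self.last_auth = last_auth  # user ID -> time of last authentication
        self.cache_dest = {}        # temporary ID -> [user ID, cache destination or None]

    def select_cache_target(self, requester, now):
        """Pick another member of the requester's group, non-access users first."""
        candidates = set()
        for members in self.groups.values():
            if requester in members:
                candidates |= members - {requester}

        def rank(user):
            # Assumption: a user with no recorded authentication counts as non-access.
            last = self.last_auth.get(user, datetime.min)
            return (now - last < NON_ACCESS_AFTER, last, user)

        return min(candidates, key=rank) if candidates else None

    def issue(self, user, client_addr, edb, now, usage_time=None, max_uses=None):
        temporary_id = secrets.token_hex(16)  # random, so it does not reveal the user ID
        self.cache_dest[temporary_id] = [user, client_addr]
        return CacheEntry(temporary_id, edb, now, usage_time, max_uses)

    def on_discard(self, temporary_id):
        self.cache_dest[temporary_id][1] = None  # cache destination address becomes "null"

    def lookup(self, user):
        """Confirmation request: where is this user's data cached, if anywhere?"""
        for temporary_id, (owner, addr) in self.cache_dest.items():
            if owner == user and addr is not None:
                return addr, temporary_id
        return None


class ClientCache:
    def __init__(self, server):
        self.server = server
        self.entries = {}  # temporary ID -> CacheEntry

    def store(self, entry):
        self.entries[entry.temporary_id] = entry

    def _discard(self, temporary_id):
        del self.entries[temporary_id]
        self.server.on_discard(temporary_id)  # discard notification (arrow P1)

    def sweep(self, now):
        """Drop every entry whose usage time has elapsed, even if nobody asks for it."""
        for temporary_id, entry in list(self.entries.items()):
            if entry.usage_time is not None and now - entry.cached_at >= entry.usage_time:
                self._discard(temporary_id)

    def fetch(self, temporary_id, now):
        """Return EDB for one verification, or None once a usage limit is reached."""
        self.sweep(now)
        entry = self.entries.get(temporary_id)
        if entry is None:
            return None
        if entry.max_uses is not None and entry.uses >= entry.max_uses:
            self._discard(temporary_id)
            return None
        entry.uses += 1
        return entry.encrypted_data
```

Calling `sweep` on a timer as well as on every `fetch` keeps an expired entry from sitting on disk until the next request arrives for it.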

Third Embodiment

An authentication method according to the third embodiment will be described. In the authentication method according to the third embodiment, mainly a relationship between a cache target user and a user who uses a cache destination client is defined as a cache target group. Hereinafter, specific descriptions will be made by referring to FIGS. 6 to 9.

FIG. 6 is a schematic diagram illustrating an example of an authentication method according to the third embodiment.

In the example of FIG. 6, an administrative user A1 requests an authentication through a client 10 a, while a user A_001 performs an authentication request through a client 10 b. Hereinafter, an authentication method of the administrative user A1 and that of the user A_001 will be described.

The authentication method of the administrative user A1 will be described. It is assumed that biometric data of the administrative user A1 is not cached to any of clients 10 a and 10 b. Moreover, substantially the same reference numerals that are used for the user A described in the first and the second embodiments will be used for reference numerals that indicate information relating to the administrative user A1. Furthermore, substantially the same reference numerals that are used for the user B described in the first and the second embodiments will be used for reference numerals that indicate information relating to the user A_001.

As described in the authentication method according to the second embodiment, the administrative user A1 inputs biometric information and a user IDA to the client 10 a (the arrow A1). A biometric information acquisition processing unit 13 a acquires biometric data for verification CDA from the biometric information and transmits the user IDA and the biometric data for verification CDA to a verification processing unit 17 a (the arrow A2).

The verification processing unit 17 a requests a confirmation by transmitting the user IDA to the biometric authentication server 50 (the arrow A3). A server cache control processing unit 54 of the biometric authentication server 50 confirms whether biometric data of the user A is cached to any of the clients based on the user IDA, and transmits a confirmation result indicating the biometric data of the user A is not cached to any client to the client 10 a (the arrow A4).

When the verification processing unit 17 a of the client 10 a receives a confirmation result indicating the biometric data of the user A is not cached to any of the clients, the verification processing unit 17 a requests an authentication by transmitting the user IDA and the biometric data for verification CDA to the biometric authentication server 50 (the arrow A5).

A biometric data verification processing unit 51 of the biometric authentication server 50 acquires biometric data DDA of the administrative user A1 from the registered data storage unit 57 based on the user IDA. The biometric authentication server 50 performs authentication by checking the biometric data for verification CDA against the biometric data DDA of the administrative user A1. If the authentication succeeds, the biometric data verification processing unit 51 transmits the authentication result of the administrative user A1 to the client 10 a (the arrow A6) and transmits the user IDA to the server cache control processing unit 54 (the arrow A7).

As described in the first embodiment, the server cache control processing unit 54 selects biometric data to be cached to the client 10 a based on the user IDA. For example, the server cache control processing unit 54 identifies a cache target group to which the administrative user A1 belongs, and selects another user who belongs to the cache target group as a cache target.

The authentication method according to the third embodiment defines a dependency relationship between a cache target user and a cache destination client user by a group. The server cache control processing unit 54 selects another user who belongs to a group that is dependent on the group to which the administrative user A1 belongs as a cache target. The group is set, for example, by an office organization. An example of group identification information that indicates the dependency relationship is illustrated in FIGS. 7A, 7B, and 7C.

FIG. 7A illustrates an example of a relationship between a user name and a group to which the user belongs.

FIG. 7A illustrates that the administrative user A1 belongs to “group A” and “group A administrator” while the user A_001 belongs to “group A.”

FIG. 7B illustrates an example of a cache available group. The cache available group is a group of users to which biometric data of another user selected as a cache target may be cached.

FIG. 7B illustrates that the group A administrator belongs to the cache available group. In other words, biometric data of another user may be cached to a client of a user who belongs to the group A administrator. Thus, biometric data of another user may be cached to the client 10 a of the administrative user A1, because the administrative user A1 belongs to the group A administrator.

FIG. 7C illustrates an example of a relationship between an administrative group and a dependent group. The dependent group is a group of users whose biometric data is cached to clients of users who belong to the administrative group.

FIG. 7C illustrates the group A as a dependent group for the group A administrator that is the administrative group. In other words, biometric data of the user in the group A is a cache target that is cached to a client of a user who belongs to the group A administrator.

The server cache control processing unit 54 selects, for example, the user A_001 who belongs to the group A as a cache target user by using the above-described group identification information. Accordingly, biometric data of a user who belongs to a group that is dependent on a specific administrative group may be cached to a client of a user who belongs to the specific administrative group. Biometric data of a subordinate may be cached to a client of the superior by forming a group of users who manage subordinates in terms of the office organization and a group of users who are managed and dependent on the group of users who manage the subordinates. As a result, a load of the authentication processing may be shared while clarifying responsibility of the cache data.

According to the third embodiment, when the server cache control processing unit 54 selects biometric data to be cached, the server cache control processing unit 54 determines whether biometric data of a client who requests an authentication may be cached.

For example, the server cache control processing unit 54 has cache availability attribute information that indicates whether biometric data may be cached for each client. The server cache control processing unit 54 determines whether the biometric data is cached by determining the cache availability attribute for a client that requests an authentication. FIG. 8 illustrates an example of cache availability attribute information.

As illustrated in FIG. 8, the cache availability information has a user name, client information, and a cache availability attribute. The client information is indicated, for example, by an IP address of a client. Moreover, the cache availability attribute is indicated by “available” when cache is available, while the cache availability attribute is indicated by “unavailable” when cache is unavailable. In the example of FIG. 8, the administrative user A1 has three clients (aaa.bbb.ccc.10 to aaa.bbb.ccc.12) and cache is unavailable for the client indicated by “aaa.bbb.ccc.12.”

Thus, the server cache control processing unit 54 determines a cache target user when the client 10 a of the administrative user A1 that requests an authentication has the IP address either “aaa.bbb.ccc.10” or “aaa.bbb.ccc.11.” In other words, the server cache control processing unit 54 makes the client 10 a cache biometric data of the cache target user. Meanwhile, when the client 10 a has the IP address of “aaa.bbb.ccc.12,” the server cache control processing unit 54 does not determine a cache target user and does not make the client 10 a cache biometric data of another user. In other words, according to the method, availability of cache may be set for each client. As described above, a load of authentication processing may be efficiently shared according to the operation environment by limiting cache processing based on cache availability attributes.

Each client transmits a cache availability notification that indicates its own cache availability to the biometric authentication server 50. The biometric authentication server 50 may update the cache availability attribute information based on the cache availability notification. For example, when the administrative user A1 desires to make the cache availability of the client 10 a unavailable, the administrative user A1 transmits a cache availability notification that indicates making cache availability of the client 10 a unavailable to the biometric authentication server 50 through the client 10 a (the arrow P2 in FIG. 6). For example, the cache control processing unit 14 a of the client 10 a transmits the cache availability notification to the biometric authentication server 50. Thus, the cache control processing unit 14 a functions as a cache availability notification unit. When the biometric authentication server 50 receives the cache availability notification, the biometric authentication server 50 updates the cache availability attribute information. For example, when an address of the client 10 a is indicated by “aaa.bbb.ccc.10,” the biometric authentication server 50 updates the cache availability attribute corresponding to the “aaa.bbb.ccc.10” by changing from “available” to “unavailable.” When the client 10 a stores the cache data, the biometric authentication server 50 deletes the temporary ID, the address and the decryption key for the cache data. The client 10 a deletes the cache data stored therein when the client 10 a transmits the cache availability notification to the biometric authentication server 50. As a result, biometric data is not cached to the client 10 a.

For example, when the administrative user A1 desires to make the cache availability available, the administrative user A1 transmits a cache availability notification to that effect to the biometric authentication server 50 through the client 10 a. When the biometric authentication server 50 receives the cache availability notification, the biometric authentication server 50 updates the cache availability attribute information for the “aaa.bbb.ccc.10” by changing from “unavailable” to “available.” As a result, biometric data is cached to the client 10 a.

According to the above-described manner, a client that is set to be cache available may be temporarily changed to cache unavailable, or a client that is set to be cache unavailable may be temporarily changed to cache available. Thus, a load of authentication processing may be efficiently shared even for an irregular operation. Here, the client 10 a is assumed to be cache available.

The server cache control processing unit 54 acquires biometric data DDB of the user A_001 who is selected as a cache target user from the registered data storage unit 57, encrypts the biometric data DDB of the user A_001 by using the encryption key EK and generates the temporary ID. The server cache control processing unit 54 transmits encrypted biometric data EDB of the user A_001, the temporary ID, and an encryption key EK to the client 10 a (the arrow A8). Moreover, the server cache control processing unit 54 makes the registered data storage unit 57 store a cache destination address AD of the biometric data DDB of the user A_001 (here, an address of the client 10 a), the temporary ID, and the decryption key DK. The cache control processing unit 14 a of the client 10 a makes a cache data storage unit 15 a store the cache data CHDB of the user A_001. The verification processing unit 17 a transmits an authentication result of the user A that is received from the biometric data verification processing unit 51 to the authentication result notification unit 18 a (the arrow A9). Accordingly, the authentication result is provided to the user A.

When biometric data of a user who is selected as a cache target is cached to a plurality of clients, the server cache control processing unit 54 may manage the number of clients.

For example, the server cache control processing unit 54 sets substantially the maximum number of cache destination clients of biometric data of a user who is selected as a cache target. The server cache control processing unit 54 caches biometric data of the user when the number of cache destination clients of the biometric data of the user does not exceed substantially the maximum value and the biometric data of the user is not cached to the client that requests an authentication.

For example, the server cache control processing unit 54 determines whether the number of cache destination clients of the biometric data of the user A_001 does not exceed substantially the maximum value and the biometric data of the user A_001 is not cached to the client 10 a that requests an authentication. When the server cache control processing unit 54 determines the number of cache destination clients of the biometric data of the user A_001 does not exceed substantially the maximum value and the biometric data of the user A_001 is not cached to the client 10 a that requests an authentication, the server cache control processing unit 54 caches the biometric data of the user A_001 to the client 10 a. Accordingly, the biometric data of the user A_001 may be cached to the plurality of clients. Hence, the server cache control processing unit 54 functions as a unit to manage the number of cache destination clients.

The server cache control processing unit 54 determines priority of cache destinations when biometric data of a user is cached to a plurality of clients. When a cache target user requests a confirmation later, the server cache control processing unit 54 determines a client that the cache target user accesses based on the priority of the cache destinations. In other words, the client with substantially the highest cache priority is determined. The priority of cache destinations may be determined according, for example, to cached time or operation states of the clients, or may be determined for each client beforehand. FIG. 9 illustrates an example of cache destination client information to which priority is assigned.

FIG. 9 illustrates a relationship among a user name, a temporary ID, a decryption key, a cache destination address, and priority. In the example of FIG. 9, biometric data of the user A_001 is cached to two clients of the administrative user A1. The priority of the client indicated by “aaa.bbb.ccc.10” is “1”, while the priority of the client indicated by “aaa.bbb.ccc.11” is “2.” Thus, when the user A_001 requests a confirmation, the server cache control processing unit 54 transmits the cache destination address “aaa.bbb.ccc.10,” the temporary ID and the decryption key corresponding to the cache destination address to the user A_001. If a client of the cache destination address “aaa.bbb.ccc.10” is unavailable, the server cache control processing unit 54 transmits the cache destination address “aaa.bbb.ccc.11,” the temporary ID, and the decryption key corresponding to the cache destination address to the user A_001. Accordingly, even if a certain client to which biometric data is cached is unavailable, another client may be used instead and a load may be shared according to operation states of clients.
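The following added example (not code from the patent) combines the third embodiment's server-side decisions into one policy object: the group tables of FIGS. 7A to 7C, the per-client cache availability attribute of FIG. 8, the cap on cache destination clients, and the priority failover of FIG. 9. The table contents mirror the page's figures; the cap of two destinations, the class and method names, the `is_up` reachability callback, and treating unlisted clients as unavailable are assumptions.

```python
from dataclasses import dataclass

# Constructed tables mirroring the page's figures (addresses are the page's placeholders).
USER_GROUPS = {"A1": {"group A", "group A administrator"}, "A_001": {"group A"}}  # FIG. 7A
CACHE_AVAILABLE_GROUPS = {"group A administrator"}                                # FIG. 7B
DEPENDENT_GROUPS = {"group A administrator": {"group A"}}                         # FIG. 7C
CACHE_AVAILABILITY = {                                                            # FIG. 8
    ("A1", "aaa.bbb.ccc.10"): "available",
    ("A1", "aaa.bbb.ccc.11"): "available",
    ("A1", "aaa.bbb.ccc.12"): "unavailable",
}
MAX_DESTINATIONS = 2  # assumed value; the page does not state the maximum


@dataclass
class Destination:  # one row of FIG. 9
    temporary_id: str
    decryption_key: bytes
    address: str
    priority: int


class CachePolicy:
    def __init__(self):
        self.availability = dict(CACHE_AVAILABILITY)
        self.destinations = {}  # cache target user -> list of Destination

    def may_cache_on(self, requester, address):
        """Requester must be in a cache available group and the client marked available."""
        in_group = bool(USER_GROUPS.get(requester, set()) & CACHE_AVAILABLE_GROUPS)
        # Assumption: a client missing from the table is treated as unavailable.
        return in_group and self.availability.get((requester, address)) == "available"

    def select_targets(self, requester, address):
        """Users whose biometric data may be cached to this requester's client now."""
        if not self.may_cache_on(requester, address):
            return []
        dependent = set()
        for group in USER_GROUPS[requester]:
            dependent |= DEPENDENT_GROUPS.get(group, set())
        targets = []
        for user, groups in sorted(USER_GROUPS.items()):
            dests = self.destinations.get(user, [])
            if (user != requester and groups & dependent
                    and len(dests) < MAX_DESTINATIONS
                    and all(d.address != address for d in dests)):
                targets.append(user)
        return targets

    def record(self, user, address, temporary_id, decryption_key):
        """Register a new cache destination; earlier destinations keep higher priority."""
        dests = self.destinations.setdefault(user, [])
        priority = max((d.priority for d in dests), default=0) + 1
        dests.append(Destination(temporary_id, decryption_key, address, priority))

    def resolve(self, user, is_up):
        """Confirmation request: highest-priority destination whose client is reachable."""
        for dest in sorted(self.destinations.get(user, []), key=lambda d: d.priority):
            if is_up(dest.address):
                return dest
        return None  # fall back to authentication on the server

    def set_availability(self, owner, address, available):
        """Cache availability notification (arrow P2) from one of the owner's clients."""
        self.availability[(owner, address)] = "available" if available else "unavailable"
        if not available:
            # Delete the temporary ID, address and decryption key kept for that client.
            for user, dests in self.destinations.items():
                self.destinations[user] = [d for d in dests if d.address != address]
```

Deleting the server-side rows on an "unavailable" notification matters as much as the client deleting its copy: without the decryption key and temporary ID, a leftover encrypted blob on the client can no longer be used for verification.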

Continuing the description of FIG. 6, the authentication method of the user A_001 will be described.

As described in the authentication method according to the first embodiment, the user A_001 inputs biometric information and the user IDB to the client 10 b (the arrow B1). A biometric information acquisition processing unit 13 b acquires the biometric data for verification CDB from the biometric information and inputs the user IDB and the biometric data for verification CDB to the verification processing unit 17 b (the arrow B2).

The verification processing unit 17 b transmits the user IDB to the biometric authentication server 50 (the arrow B3). The server cache control processing unit 54 of the biometric authentication server 50 searches data in the registered data storage unit 57 based on the user IDB. The server cache control processing unit 54 transmits the cache destination address AD, the temporary ID, and the decryption key DK to the client 10 b when the biometric data of the user A_001 is cached to the client 10 a (the arrow B4).

The verification processing unit 17 b of the client 10 b transmits the biometric data for verification CDB, the temporary ID, and the decryption key DK to the client 10 a (the arrow B5).

The verification processing unit 17 a of the client 10 a transmits the temporary ID and the decryption key DK to the cache control processing unit 14 a. The cache control processing unit 14 a acquires cache data of the user A_001 from the cache data storage unit 15 a by using the temporary ID. The cache control processing unit 14 a decrypts the encrypted biometric data EDB in the cache data of the user A_001 by using the decryption key DK. The cache control processing unit 14 a transmits the decrypted biometric data DDB of the user A_001 to the verification processing unit 17 a (the arrow B6). The verification processing unit 17 a performs an authentication by checking the biometric data for verification CDB against the biometric data DDB of the user A_001. The verification processing unit 17 a transmits the authentication result to the client 10 b (the arrow B7). The verification processing unit 17 a transmits the temporary ID and the authentication result to the biometric authentication server 50 (the arrow B8). The server cache control processing unit 54 of the biometric authentication server 50 stores the authentication result in the log data storage unit 58 as a log. Moreover, the verification processing unit 17 b of the client 10 b transmits the authentication result of the user A_001 to the authentication result notification unit 18 b (the arrow B9). Accordingly, the authentication result is provided to the user A_001.

Fourth Embodiment

An authentication method according to the fourth embodiment will be described. The authentication method according to the fourth embodiment mainly changes an operation environment according to an access state. Hereinafter, specific descriptions will be made by referring to FIGS. 10 and 11.

FIG. 10 is a schematic diagram illustrating an example of the authentication method according to the fourth embodiment.

The authentication flow of the user A indicated by the arrows A1 to A5 is substantially the same as that of the first embodiment, and will not be described.

A biometric data verification processing unit 51 of a biometric authentication server 50 acquires biometric data DDA of a user A from a registered data storage unit 57 based on a user IDA. The biometric authentication server 50 performs authentication processing by checking the biometric data for verification CDA against the biometric data DDA of the user A. If the authentication succeeds, the biometric data verification processing unit 51 transmits the result of successful authentication of the user A to the client 10 a (the arrow A6) and transmits the user IDA to the server cache control processing unit 54 (the arrow A7).

In the authentication method according to the fourth embodiment, an operation monitoring processing unit 52 starts caching biometric data to a client that requests an authentication when the number of clients that request an authentication, measured from a reference time, exceeds a certain value. Hereinafter, specific descriptions will be made.

The operation monitoring processing unit 52 of the biometric authentication server 50 statistically manages authentication time for each client. The operation monitoring processing unit 52 calculates the number of clients that request an authentication from the reference time based on the authentication time. When the number of clients exceeds the certain number of clients, the operation monitoring processing unit 52 transmits operation information indicating that the number of clients exceeds the certain number of clients to the server cache control processing unit 54. Thus, the operation monitoring processing unit 52 functions as a measurement unit. When the server cache control processing unit 54 receives the operation information, the server cache control processing unit 54 starts caching biometric data to the client that requests an authentication. For example, when the reference time is 4:00 and the reference value is 35, if the number of clients that request authentication exceeds 35, the operation monitoring processing unit 52 transmits operation information to that effect to the server cache control processing unit 54. When the server cache control processing unit 54 receives the operation information, the server cache control processing unit 54 starts caching biometric data to the client that requests an authentication. As a result, caching may be automatically started at a time when accesses from clients are congested, and a load of authentication processing is shared according to the access state.

Here, it is assumed that caching is already started when the client 10 a requests an authentication. Thus, when the server cache control processing unit 54 receives the user IDA, the server cache control processing unit 54 selects biometric data to be cached to the client 10 a. As a method to select a cache target user, the server cache control processing unit 54 selects biometric data of another user who is different from the user A of the client 10 a as a cache target.

In the authentication method according to the fourth embodiment, the server cache control processing unit 54 selects a cache target user based on a network distance between clients and an authentication rate of each user.

The method to select a cache target user based on the network distance between clients will be described. Here, the network distance indicates a length of a communication transmission line between the clients. The server cache control processing unit 54 selects, as a cache target user, a user of a client whose distance from the client that requests an authentication is shorter than a certain distance. Shorter than the certain distance indicates, for example, that the clients are in the same network segment.

For example, the group control processing unit 53 of the biometric authentication server 50 manages a network distance between the clients. For example, the group control processing unit 53 has group information (hereinafter, referred to as “network group information”) that is obtained by grouping a plurality of clients by each network segment. FIG. 11A illustrates an example of network group information. As illustrated in FIG. 11A, a client of the user A and a client of the user B belong to a “group S” that is the same network segment. A network distance between clients that belong to the same network segment is shorter than a network distance between clients that belong to different network segments. The group control processing unit 53 transmits the network group information to the server cache control processing unit 54. Accordingly, the group control processing unit 53 functions as a network distance management unit.

The server cache control processing unit 54 can preferentially select a user of a client that belongs to the same group as a client that requests an authentication based on the network group information. Here, the client 10 a of the user A and the client 10 b of the user B belong to the same group S. Hence, the server cache control processing unit 54 may select biometric data of the user B as a cache target to be cached to the client 10 a. According to the method, a network distance between a client that the cache target user uses and a cache destination client may be made as short as possible, thereby reducing the time of communication between the clients when an authentication is requested to the client.

A method to select a cache target user based on an authentication rate of each user will be described.

The operation monitoring processing unit 52 of the biometric authentication server 50 calculates an authentication success rate for each user by using an authentication result log (hereinafter, referred to as “authentication log”). FIG. 11B illustrates an example of the authentication log. The authentication log records a user name, an authentication result, and time when an authentication is performed. In FIG. 11B, “success” indicates an authentication succeeds, and “failure” indicates an authentication fails. The operation monitoring processing unit 52 calculates an authentication rate for each user based on the authentication log. FIG. 11C illustrates an authentication rate for each user. The operation monitoring processing unit 52 transmits information of a user having an authentication rate lower than a certain reference value to the group control processing unit 53 as operation information. Thus, the operation monitoring processing unit 52 functions as an authentication rate management unit. The group control processing unit 53 transmits group information (hereinafter, referred to as “low authentication rate group”) that is made up of users with an authentication rate lower than the certain reference value to the server cache control processing unit 54. The server cache control processing unit 54 can preferentially select a user who belongs to the low authentication rate group as a cache target when selecting a cache target user.

In FIG. 11C, for example, when a reference value of an authentication rate is 0.48, the user B has a lower authentication rate than the reference value. Therefore, the operation monitoring processing unit 52 transmits information of the user B to the server cache control processing unit 54 through the group control processing unit 53.

In the authentication method according to the fourth embodiment, it is assumed that the user B is selected as a cache target user by the above-described method.
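The server-side decisions of the fourth embodiment (when to start caching, and which other user to cache) can be sketched as follows. This is an added example, not code from the patent: the function names, the sample data, and the ordering of the two selection criteria (same network segment first, then low authentication rate) are assumptions, since the text only says each criterion is applied "preferentially".

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Reference time "4:00", reference value 35 and rate 0.48 come from the text;
# the calendar date is arbitrary.
REFERENCE_TIME = datetime(2024, 1, 1, 4, 0)
REFERENCE_VALUE = 35
REFERENCE_RATE = 0.48

# Constructed sample data (not the contents of FIGS. 11A to 11C).
NETWORK_GROUPS = {"A": "S", "B": "S", "C": "S", "D": "T"}  # user -> segment group
AUTH_LOG = [  # (user name, authentication result, time)
    ("A", "success", "08:01"), ("A", "success", "08:40"),
    ("A", "success", "09:02"), ("A", "failure", "09:05"),
    ("B", "failure", "08:03"), ("B", "failure", "08:05"), ("B", "success", "08:06"),
    ("C", "success", "08:10"), ("C", "success", "12:30"),
    ("D", "failure", "08:15"), ("D", "failure", "08:16"),
]


def sample_requests(n_clients):
    """Constructed request log: n distinct clients after the reference time."""
    requests = [(f"192.0.2.{i}", REFERENCE_TIME + timedelta(minutes=i))
                for i in range(1, n_clients + 1)]
    # A repeat request and a request before the reference time must not add to the count.
    requests.append(("192.0.2.1", REFERENCE_TIME + timedelta(minutes=90)))
    requests.append(("192.0.2.200", REFERENCE_TIME - timedelta(minutes=5)))
    return requests


def distinct_clients_since(requests, reference_time):
    """Number of distinct client addresses seen at or after reference_time."""
    return len({addr for addr, ts in requests if ts >= reference_time})


def caching_should_start(requests, reference_time, reference_value):
    """Measurement unit: True once the client count exceeds the reference value."""
    return distinct_clients_since(requests, reference_time) > reference_value


def authentication_rates(auth_log):
    """Authentication success rate per user, computed from the authentication log."""
    attempts, successes = defaultdict(int), defaultdict(int)
    for user, result, _time in auth_log:
        attempts[user] += 1
        successes[user] += result == "success"
    return {user: successes[user] / attempts[user] for user in attempts}


def select_cache_target(requester, network_groups, rates, reference_rate,
                        excluded=frozenset()):
    """Pick another user whose biometric data is cached to the requester's client.

    Assumed ordering: same network segment as the requester first, then
    membership in the low authentication rate group, then the lowest rate.
    Users with no log entries are treated as not belonging to the low-rate group.
    """
    segment = network_groups.get(requester)
    low_rate_group = {u for u, r in rates.items() if r < reference_rate}
    candidates = [u for u in network_groups
                  if u != requester and u not in excluded]
    if not candidates:
        return None  # nobody else to cache; the server keeps verifying itself

    def rank(user):
        return (network_groups[user] != segment,   # False sorts first: same segment
                user not in low_rate_group,        # False sorts first: low rate
                rates.get(user, 1.0),
                user)

    return min(candidates, key=rank)


if __name__ == "__main__":
    rates = authentication_rates(AUTH_LOG)
    if caching_should_start(sample_requests(36), REFERENCE_TIME, REFERENCE_VALUE):
        print("cache target for requester A:",
              select_cache_target("A", NETWORK_GROUPS, rates, REFERENCE_RATE))
```

In the constructed data, user D has the lowest rate but sits in a different segment, so user B is chosen for requester A, matching the outcome the text assumes.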

The server cache control processing unit 54 transmits encrypted biometric data EDB of the user B, a temporary ID, and an encryption key EK to the client 10 a (the arrow A8). Moreover, the server cache control processing unit 54 makes the registered data storage unit 57 store a cache destination address AD of the biometric data DDB of the user B (here, an address of the client 10 a), the temporary ID, and a decryption key DK. A cache control processing unit 14 a of the client 10 a makes a cache data storage unit 15 a cache the cache data CHDB of the user B.

The authentication flow of the user B indicated by the arrows B1 to B9 is substantially the same as that of the first embodiment, and will not be described.

The authentication method according to the fourth embodiment selects a cache target user based on an authentication rate of each user. However, the method to select a cache target user according to an authentication status of a user is not limited to the above-described method. Instead of, or in addition to, the above-described method, a cache target user may be selected based, for example, on an access trend of users or on how much authentications are concentrated. Hereinafter, the method will be described.

A method to select a cache target user based on an access trend of users will be described.

The operation monitoring processing unit 52 of the biometric authentication server 50 statistically manages authentication time of each user and calculates a period of time on which authentication requests to the biometric authentication server 50 are concentrated. For example, the operation monitoring processing unit 52 calculates a period of time in which the certain number of authentications or more is requested for each user as a period of time on which authentication requests are concentrated. When a user (for example, a user A) requests an authentication, the operation monitoring processing unit 52 transmits, to the server cache control processing unit 54 as operation information and based on the calculation result, information of another user on (for) whom authentication requests are concentrated in a period of time after a certain time elapses from the time when the authentication is requested. Hence, the operation monitoring processing unit 52 functions as an authentication time management unit and a user operation period of time calculation unit. The server cache control processing unit 54 selects the other user as a cache target user. According to the method, another user who statistically requests authentications more frequently at a later time than the requesting user may be cached. Accordingly, cache data may be efficiently used.

A method to select a cache target user based on how much user authentications are concentrated will be described.

The operation monitoring processing unit 52 of the biometric authentication server 50 statistically manages authentication time of each user. The operation monitoring processing unit 52 transmits information of authentication time of each user to the group control processing unit 53 as operation information. The group control processing unit 53 transmits group information (hereinafter, referred to as “period of time authentication concentration group”) obtained by grouping users whose authentications are concentrated on the same period of time to the server cache control processing unit 54. When the server cache control processing unit 54 selects a cache target user, the server cache control processing unit 54 can preferentially select a user who belongs to the same period of time authentication concentration group as a user who requests an authentication. Accordingly, users whose authentications concentrate on the same period of time may be set in the same group automatically without setting a group beforehand. As a result, a load of authentication processing may be shared according to how much authentications are concentrated.

Alternative Embodiments

Alternative embodiments of the above-described embodiments will be described.

A first alternative embodiment will be described. According to the first alternative embodiment, when a cache destination client is unavailable, cache data cached to the cache destination client is re-cached to another cache destination client. Hereinafter, specific descriptions will be made.

The operation monitoring processing unit 52 monitors an operation state of a cache destination client, in other words, whether the cache destination client is unavailable. When the operation monitoring processing unit 52 determines that the cache destination client is unavailable, the operation monitoring processing unit 52 resets, through a registered data input and output unit 56, the user corresponding to biometric data that is cached to the cache destination client to selectable as a cache target user. Thus, the operation monitoring processing unit 52 functions as an operation state monitoring unit.

When the server cache control processing unit 54 selects a cache target user, the server cache control processing unit 54 can preferentially select a user who is reset to selectable. Accordingly, even when cache data that is cached to a client is unavailable for some reasons, the cache data may be cached to another user. As a result, cache data may be automatically reallocated even in an operation environment in which operation periods of time of clients are sparsely distributed.
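The priority table of FIG. 9 and the reset-to-selectable step of the first alternative embodiment fit together as in the following sketch. It is an added example, not code from the patent: the class and method names, the user B_002, and the temporary ID and key strings are constructed placeholders, and only the user A_001 and the addresses "aaa.bbb.ccc.10" and "aaa.bbb.ccc.11" come from the text.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class CacheEntry:
    """One row of the FIG. 9 relationship kept in the registered data storage."""
    user: str
    temporary_id: str
    decryption_key: str
    address: str       # cache destination address
    priority: int      # 1 is tried first


class CacheRegistry:
    """Hypothetical server-side view of where each user's biometric data is cached."""

    def __init__(self):
        self._entries = []
        self._unavailable = set()   # addresses reported down by operation monitoring
        self.selectable = set()     # users reset to selectable as cache targets

    def record_cache(self, entry):
        """Register a completed cache operation to a cache destination client."""
        self._entries.append(entry)
        self._unavailable.discard(entry.address)
        self.selectable.discard(entry.user)

    def resolve(self, user):
        """Best-priority entry on an available client, or None.

        None means no cached copy is reachable, so the server has to perform
        the verification itself.
        """
        live = [e for e in self._entries
                if e.user == user and e.address not in self._unavailable]
        return min(live, key=lambda e: e.priority, default=None)

    def mark_unavailable(self, address):
        """Operation state monitoring: a cache destination client went down.

        Every user cached there is reset to selectable so that the next cache
        target selection can prefer them. Returns the affected users.
        """
        self._unavailable.add(address)
        affected = {e.user for e in self._entries if e.address == address}
        self.selectable |= affected
        return affected


def build_sample_registry():
    """Constructed sample: A_001 on two clients as in FIG. 9, B_002 on one."""
    registry = CacheRegistry()
    registry.record_cache(CacheEntry(
        "A_001", "tmp-constructed-1", "key-constructed-1", "aaa.bbb.ccc.10", 1))
    registry.record_cache(CacheEntry(
        "A_001", "tmp-constructed-2", "key-constructed-2", "aaa.bbb.ccc.11", 2))
    registry.record_cache(CacheEntry(
        "B_002", "tmp-constructed-3", "key-constructed-3", "aaa.bbb.ccc.10", 1))
    return registry


if __name__ == "__main__":
    registry = build_sample_registry()
    print("before:", registry.resolve("A_001").address)
    print("reset to selectable:", sorted(registry.mark_unavailable("aaa.bbb.ccc.10")))
    print("after:", registry.resolve("A_001").address)
    print("B_002 reachable copy:", registry.resolve("B_002"))
```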

A second alternative embodiment will be described. According to the second alternative embodiment, cache data cached to a cache destination client is updated according to time elapsed since the cache data is cached. Hereinafter, specific descriptions will be made.

A cache control processing unit 14 of the cache destination client manages time and date when cache data is cached. The cache control processing unit 14 determines whether a certain time has elapsed since the cache date. When the cache control processing unit 14 determines that the certain time has elapsed, the cache control processing unit 14 requests an update of the cache data to the biometric authentication server 50. Thus, the cache control processing unit 14 functions as an update request unit. The server cache control processing unit 54 of the biometric authentication server 50 treats, as a cache target user, the user corresponding to the biometric data of cache data for which the certain time is determined to have elapsed since the cache date. In other words, the server cache control processing unit 54 reacquires biometric data of the user from the registered data storage unit 57. The server cache control processing unit 54 encrypts the reacquired biometric data by using a newly generated encryption key and generates a new temporary ID. The server cache control processing unit 54 transmits the encrypted biometric data, the temporary ID and the encryption key that are generated as described above to the cache destination client as new cache data. Thus, the server cache control processing unit 54 functions as an update unit.

The cache control processing unit 14 a of the cache destination client makes the cache data storage unit 15 store the new cache data and updates time and date of the cache. Accordingly, security for cache data of a cache destination client that is almost always in an operation state is enhanced and cache data may be securely retained for a long period.

A third alternative embodiment will be described. According to the third alternative embodiment, an access from a cache target user to a cache destination client is simplified. Hereinafter, specific descriptions will be made.

When a cache control processing unit 14 of a cache destination client receives a temporary ID and a decryption key of a cache target user, the cache control processing unit 14 retains the temporary ID and the decryption key of the cache target user even after a user is authenticated by the cache data. Moreover, the biometric authentication server 50 notifies a cache usage limit to verification processing units 17 of both the cache destination client and the client of the cache target user. The verification processing units 17 of both clients function as a cache usage limit retaining unit. After that, when the client of the cache target user requests an authentication, the verification processing unit 17 of the client requests an authentication directly to the cache destination client within a range of the cache usage limit without requesting a confirmation to the biometric authentication server 50. In other words, the client of the cache target user transmits data for verification to the cache destination client directly. The cache destination client performs verification based on the data for verification and transmits the authentication result to the client of the cache target user. Whenever the processing is performed, the number of uses is updated in both the cache destination client and the client of the cache target user. When the number of uses exceeds the cache usage limit, the client of the cache target user requests the confirmation to the biometric authentication server 50 again.

As described above, making cache data of a cache destination client available without going through the biometric authentication server 50 within a certain usage limit may further reduce a communication amount when cache data is used and reduce a load of processing in the biometric authentication server 50.
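The usage-limit bookkeeping of the third alternative embodiment is sketched below, with the counter kept on both sides so that the cache destination client refuses on its own count even when the requesting client's counter is out of step. This is an added example, not code from the patent: the class names, the Hamming-distance matcher standing in for biometric verification, the plaintext template standing in for the cache data plus retained decryption key, and the reading that at most `usage_limit` direct uses are allowed are all assumptions.

```python
# Constructed 8-byte stand-ins for biometric templates and samples.
TEMPLATE = bytes.fromhex("a5a5a5a5a5a5a5a5")
GOOD_SAMPLE = bytes.fromhex("a5a5a5a5a5a5a5a4")   # 1 bit away from TEMPLATE
BAD_SAMPLE = bytes.fromhex("5a5a5a5a5a5a5a5a")    # 64 bits away from TEMPLATE


def matches(template, sample, max_distance=4):
    """Stand-in matcher: Hamming distance within a threshold (an assumption)."""
    if len(template) != len(sample):
        return False
    distance = sum(bin(x ^ y).count("1") for x, y in zip(template, sample))
    return distance <= max_distance


class CacheDestinationClient:
    """Holds cached data keyed by temporary ID and counts every direct use."""

    def __init__(self, usage_limit):
        self.usage_limit = usage_limit
        self._cache = {}   # temporary ID -> [template, number of uses]

    def store(self, temporary_id, template):
        self._cache[temporary_id] = [template, 0]

    def uses(self, temporary_id):
        return self._cache[temporary_id][1]

    def verify_direct(self, temporary_id, sample):
        entry = self._cache.get(temporary_id)
        if entry is None:
            return "unknown"
        if entry[1] >= self.usage_limit:
            return "limit_reached"      # enforced here, whatever the requester counted
        entry[1] += 1                   # a failed match also consumes a use
        return "success" if matches(entry[0], sample) else "failure"


class ServerStub:
    """Counts confirmation requests that fall back to the authentication server."""

    def __init__(self):
        self.confirmations = 0

    def confirm(self):
        self.confirmations += 1
        return "confirmation requested"


class TargetUserClient:
    """Client of the cache target user; goes direct while within the limit."""

    def __init__(self, usage_limit, destination, temporary_id, confirm_with_server):
        self.usage_limit = usage_limit
        self.destination = destination
        self.temporary_id = temporary_id
        self.confirm_with_server = confirm_with_server
        self.uses = 0

    def authenticate(self, sample):
        if self.uses < self.usage_limit:
            result = self.destination.verify_direct(self.temporary_id, sample)
            if result in ("success", "failure"):
                self.uses += 1
                return ("direct", result)
            self.uses = self.usage_limit   # destination refused: stop going direct
        return ("server", self.confirm_with_server())


if __name__ == "__main__":
    server = ServerStub()
    destination = CacheDestinationClient(usage_limit=3)
    destination.store("tmp-constructed-1", TEMPLATE)
    client = TargetUserClient(3, destination, "tmp-constructed-1", server.confirm)
    for sample in (GOOD_SAMPLE, BAD_SAMPLE, GOOD_SAMPLE, GOOD_SAMPLE):
        print(client.authenticate(sample))
```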

According to the above-disclosed system, choice of biometric data to be cached may be increased, and as the number of authentication requests to the biometric authentication server increases, cache data of more users may be cached to more clients. Accordingly, a load to the biometric authentication server may be effectively reduced.

According to an aspect of the embodiments of the invention, any combinations of one or more of the described features, functions, operations, and/or benefits can be provided. A combination can be one or a plurality. The embodiments can be implemented as an apparatus (a machine) that includes hardware for performing the described features, functions, operations, and/or benefits, for example, hardware that executes instructions or software, for example, computing hardware (i.e., computing apparatus), such as (in a non-limiting example) any computer or computer processor that can store, retrieve, receive, process and/or output data and/or communicate (network) with other computers. According to an aspect of an embodiment, the described features, functions, operations, and/or benefits can be implemented by and/or use computing hardware and/or software. For example, the server 50 and the clients 10 n can comprise a computing controller (CPU) (e.g., a hardware logic circuitry based computer processor that processes or executes instructions, namely software/program), computer readable media, transmission communication interface (network interface), input device (e.g., biometric information input unit 11) and/or an output device, for example, a display device for displaying authentication result notifications, and which can be in communication among each other through one or more data communication buses. In addition, an apparatus can include one or more apparatuses in computer network communication with each other or other devices. In addition, a computer processor can refer to one or more computer processors in one or more apparatuses or any combinations of one or more computer processors and/or apparatuses. An aspect of an embodiment relates to causing and/or configuring one or more apparatuses and/or computer processors to execute the described operations. The results produced can be output to an output device, for example, displayed on the display. An apparatus or device refers to a physical machine that performs operations, for example, a computer (physical computing hardware or machinery) that implements or executes instructions, for example, by way of software, which is code executed by computing hardware, and/or by way of computing hardware (e.g., in circuitry, etc.), to achieve the functions or operations being described. The functions of embodiments described can be implemented in any type of apparatus that can execute instructions or code. More particularly, programming or configuring or causing an apparatus or device, for example, a computer, to execute the described functions of embodiments of the invention creates a new machine where in case of a computer a general purpose computer in effect becomes a special purpose computer once it is programmed or configured or caused to perform particular functions of the embodiments of the invention pursuant to instructions from program software.

A program/software implementing the embodiments may be recorded on computer-readable media, e.g., a non-transitory or persistent computer-readable medium. Examples of the non-transitory computer-readable media include a magnetic recording apparatus, an optical disk, a magneto-optical disk, and/or volatile and/or non-volatile semiconductor memory (for example, RAM, ROM, etc.). Examples of the magnetic recording apparatus include a hard disk device (HDD), a flexible disk (FD), and a magnetic tape (MT). Examples of the optical disk include a DVD (Digital Versatile Disc), DVD-ROM, DVD-RAM (DVD-Random Access Memory), BD (Blu-ray Disc), a CD-ROM (Compact Disc-Read Only Memory), and a CD-R (Recordable)/RW. The program/software implementing the embodiments may be transmitted over a transmission communication path, e.g., a wire and/or a wireless network implemented via hardware. An example of communication media via which the program/software may be sent includes, for example, a carrier-wave signal.

All examples and conditional language recited herein are intended for pedagogical purposes to aid the reader in understanding the principles of the invention and the concepts contributed by the inventor to furthering the art, and are to be construed as being without limitation to such specifically recited examples and conditions, nor does the organization of such examples in the specification relate to a showing of the superiority and inferiority of the invention. Although the embodiments of the present inventions have been described in detail, it should be understood that various changes, substitutions, and alterations could be made hereto without departing from the spirit and scope of the invention.

1. A biometric authentication system in which a biometric authentication server computer and a plurality of client computers are coupled through a network and configured to process an authentication request from a user of a client computer, the biometric authentication system comprising: the biometric authentication server computer including: a server cache determination unit configured to determine as a cache target user another user who is different from the user who requested the authentication to the biometric authentication server computer; an identifier generation unit configured to generate an identifier that indicates the cache target user; a transmission unit configured to transmit biometric data of the cache target user and the identifier to the client computer of the user who requested the authentication; and a cache availability determination unit configured to determine whether biometric data of any cache target user with corresponding identifier are available on any client computers; and the client computer including: a cache unit configured to cache the biometric data of the cache target user and the identifier that are received from the biometric authentication server computer.
2. The biometric authentication system according to claim 1, wherein the biometric authentication server computer includes a group identification unit configured to identify a group to which the user who requested the authentication belongs; and wherein the server cache determination unit determines as the cache target user another user who belongs to the group.
3. The biometric authentication system according to claim 1, wherein the biometric authentication server computer provides cache availability attribute information that indicates cache availability of biometric data of the client computer; and wherein the server cache determination unit determines cache availability of the client computer based on the cache availability attribute information and determines the cache target user when the client computer is determined to be available for cache.
4. The biometric authentication system according to claim 1, wherein the biometric authentication server computer includes a measurement unit configured to measure a number of client computers that performed an authentication request to the biometric authentication server; and wherein the server cache determination unit is configured to determine the cache target user when the number of client computers measured by the measurement unit exceeds a certain number of client computers.
5. The biometric authentication system according to claim 1, the biometric authentication server computer further comprising: a cache destination client number management unit configured to manage a number of client computers to which biometric data of a certain user is cached; and a cache destination priority determination unit configured to determine priority of a plurality of the client computers to which biometric data of the certain user is cached; and the server cache determination unit determines a client computer that performs authentication processing according to the priority among the plurality of client computers for which priority is determined when the certain user requests an authentication.
6. The biometric authentication system according to claim 1, the biometric authentication server computer further comprising: a group identification unit configured to identify a group to which a user of biometric data that is to be cached to the client computer of the user who requested the authentication belongs; wherein the server cache determination unit determines a user who belongs to the group as the cache target user.
7. The biometric authentication system according to claim 1, the biometric authentication server computer further comprising: a last authentication time and date management unit configured to manage a last authentication time and/or date of each user; wherein the server cache determination unit determines as the cache target user other user with authentication time and/or date elapsed from a last authentication time and/or date of the other user.
8. The biometric authentication system according to claim 1, the biometric authentication server computer further comprising: an authentication time management unit configured to manage authentication time of each user; a user period of time calculation unit configured to calculate a period of time on which authentication requests from users are concentrated; wherein the server cache determination unit determines as the cache target user, when an authentication is requested, a user for whom authentication requests are concentrated in a period of time after a certain time has elapsed from time of the authentication request.
9. The biometric authentication system according to claim 1, the biometric authentication server computer further comprising: an authentication rate management unit configured to manage an authentication success rate for each user; wherein the server cache determination unit determines as the cache target user a user with a success rate lower than a certain success rate.
10. The biometric authentication system according to claim 1, the biometric authentication server computer further comprising: a network distance management unit configured to manage a network distance between client computers; wherein the server cache determination unit determines as the cache target user a user of a client computer which network distance from the client computer that performed the authentication request is shorter than a certain distance.
11. The biometric authentication system according to claim 1, the biometric authentication server computer further comprising: an operation state monitoring unit configured to monitor an operation state of a cache destination client computer to which biometric data is to be cached; wherein the server cache determination unit determines as the cache target user who is already cached to a client computer which is determines an unavailable operation state by the operation state monitoring unit.
12. The biometric authentication system according to claim 1, the client computer further comprising: a cache time and date management unit configured to manage cache time and/or date when biometric data is cached; an update request unit configured to transmit an update request to the biometric authentication server computer when a certain time elapses from the cache time and/or date; wherein the biometric authentication server computer additionally encrypts biometric data of a user corresponding to the biometric data cached to a client computer and generates a new identifier, and transmits updated encrypted biometric data and the identifier to the client computer.
13. The biometric authentication system according to claim 1, wherein a client computer further comprises: a cache usage limit retaining unit configured to retain a cache usage limit that indicates a usage limit of cached biometric data; wherein the client computer of the cache target user retains an address of a cache destination client and performs an authentication request directly to the cache destination client within a range of the cache usage limit when the cache target user performs an authentication request.
14. An authentication server computer that includes a storage unit configured to store a plurality of pieces of biometric data, that is coupled to a plurality of client computers through a network, and processes an authentication request by checking biometric data for verification collected from a user of a client against the biometric data when the user requests the authentication through a client of the computer; the authentication server computer comprising: one or more computing machines that execute: a server cache determination unit to determine as a cache target user another user who is different from the user who requested the authentication to the authentication server computer; an identifier generation unit to generate an identifier of the cache target user; a transmission unit to transmit biometric data of the cache target user and the identifier to the client computer of the user that requested the authentication; and a cache availability determination unit to determine whether biometric data of any cache target user with corresponding identifier are available on any of the client computers.
15. A biometric authentication method executed by an authentication server computer that includes a storage unit configured to store a plurality of pieces of biometric data, is coupled to a plurality of client computers through a network, and performs authentication request processing for a user of a client by checking biometric data for verification collected from a user against the biometric data, the method comprising: determining by the authentication server computer a cache target user who is different from the user who performed the authentication request to the authentication server computer; generating an identifier for the cache target user; and transmitting by the authentication server computer biometric data of the cache target user and the identifier to the client computer of the user that performed the authentication request to the authentication server computer.